RF Identification (RFID) is currently the dominate technology in physical access control systems. Consequently, there is a huge global legacy of installed access control readers that use RFID. The same RFID standards are used for other applications such as transport, luggage identification, ticketing, payment according to the Contactless EMV standard (Europay, MasterCard, Visa), and more.
Generally, a RFID reader (or simply, a “reader”) is presented with an access credential. The reader then authenticates the access credential, alone or with additional user input (e.g., password, PIN, biometric data, etc.). If successfully authenticated, the reader causes a signal to be sent to an access controller, such as to a door lock, and thereby allow the access credential holder to gain access to a secured asset protected by the access controller, such as a room, building, equipment, etc.
Readers and access credentials are subject to a variety of attacks. Attacks may be as crude as physically attacking in an attempt to damage or open the reader, or more sophisticated attacks, such as whereby signals are created in an attempt to mimic the signal of an authenticated access credential.
Often readers in a single installation may appear very similar, or even identical, in outward appearance. A bad actor may attempt to remove a legitimate reader. The interior of the legitimate reader may be altered or replaced in an attempt to gain knowledge associated with presented access credentials. In certain environments a bad actor may have legitimate access privileges to one area but not to another. The bad actor may attempt to switch the readers in an attempt to gain access to the unauthorized area. If the physical appearance of the readers is sufficiently similar, personnel may be unaware that the readers have been swapped.